from the honesty-is-the-best-policy dept

Valve Software this week found themselves at the center of an Internet hissy fit after reports emerged claiming that the company was using their Valve Anti-Cheat System (VAC) to monitor the browsing activity of the company's user base. A Reddit post specifically claimed that Valve's VAC was digging through your DNS cache entries and sending the lot of them back to Valve servers hashed with md5. The post quickly escalated, with Reddit users suddenly jumping to the conclusion that Valve was just as bad as EA, and the company was covertly trying to monetize user browsing data using DNS records.

The entire kerfuffle forced Valve CEO Gabe Newell out of his fantastic nerd fortress to provide what was an interesting bit of insight posted to Reddit on how the normally very hush-hush system works. Newell noted that the company normally doesn't talk much about VAC because it simply provides cheaters with more ammo to hack the system, but he explained VAC wasn't perusing and storing DNS records wholesale, it was looking for very specific "calls home" made by cheat software:

"VAC checked for the presence of (kernel-level paid cheats). If they were detected VAC then checked to see which cheat DRM server was being contacted. This second check was done by looking for a partial match to those (non-web) cheat DRM servers in the DNS cache. If found, then hashes of the matching DNS entries were sent to the VAC servers. The match was double checked on our servers and then that client was marked for a future ban. Less than a tenth of one percent of clients triggered the second check. 570 cheaters are being banned as a result."

According to Newell, this particular effort lasted all of thirteen days before cheat developers found a way around it. The CEO proceeded to note that highlighting how sneaky VAC is in a somewhat sinister light is a form of "social engineering" that's cheaper than trying to develop better cheats:

"Kernel-level cheats are expensive to create, and they are expensive to detect. Our goal is to make them more expensive for cheaters and cheat creators than the economic benefits they can reasonably expect to gain. There is also a social engineering side to cheating, which is to attack people's trust in the system. If "Valve is evil - look they are tracking all of the websites you visit" is an idea that gets traction, then that is to the benefit of cheaters and cheat creators. VAC is inherently a scary looking piece of software, because it is trying to be obscure, it is going after code that is trying to attack it, and it is sneaky. For most cheat developers, social engineering might be a cheaper way to attack the system than continuing the code arms race, which means that there will be more Reddit posts trying to cast VAC in a sinister light."

The CEO insists that the Half-Life developer is entirely uninterested in tracking your interest in busty vixens. While the cat and mouse aspect of the story was pretty fascinating to watch, it's also a nice, all-too-rare example of how quickly issuing a clean, honest statement without assuming your customers are stupid can completely defuse a public-relations minefield.

A whole lot of words to say nothing.

Soooo he is saying they do check DNS... but only use it for purpose A. and we need to trust them they wont change their minds to use it for B. C. & D... profit. which will never truly be revealed to the end user.-"The CEO insists that the Half-Life developer is entirely uninterested in tracking your interest"

The wolf insists he is uninterested in the contents of the hen house... of course he does.

Re: A whole lot of words to say nothing.

What is important is not the purpose but the method. The accusation is that they send back the entire DNS record, and duder explains that the DNS hash is only sent back went it detects accesses to the cheat servers, which is a small number of cases. He also mentions it's only the entries that match cheat servers that are hashed and sent back. The method the software uses is something you should be able to verify independently, you don't need to take his word for it.

tarring your critics?

"For most cheat developers, social engineering might be a cheaper way to attack the system than continuing the code arms race, which means that there will be more Reddit posts trying to cast VAC in a sinister light."

So, anyone who disagrees with him is obviously a cheater? How about someone who doesn't like finding out that their activity is being spied on outside of a game?

While I applaud Gabe for coming out with a human and straightforward response, he could have done so without trying to denigrate anyone who disagrees with him.

As a Single Player Hacker

I hack, but only my single player games.

I am okay with the checking for hacks things, but I think a ban is overkill. not all hacks are malicious and there will always be someone who got banned because their stupid kids did it, or from a false positive.

The appropriate way to handle this is to place a tag on the account and game suspected of cheating on and letting people choose to reject connections with those flags set.

cheaters as well as non cheaters have a right to play the games they pay for, including playing with other cheaters if they desire. Allowing non cheaters to auto reject other suspected cheaters will have the desired effect without taking a cheaters games away.

Stuff like this is why I refuse to install Steam. Maybe this time it wasn't done with malicious intent, but it could have been. By installing Steam, you're basically giving Valve a backdoor into your system. They can decide what you're allowed to run, when you can play your games, etc.

@AC VAC is not enabled unless you play on a VAC enabled server. The server admin has a choice if he/she wishes to enable VAC. Single player sessions do not use it at all.

Chances are if you're cheating on a VAC enabled server, you're up to no good and have an unfair advantage.

If you are banned, you can still play on the (small number) of non-VAC enabled servers where everyone else is also hacking/cheating.

Also, false positives are rare, given the all too unique signature of cheats. Yes, many people have been banned and were innocent, but they were immediately unbanned when Valve figured out it was a false positive. Rarely are false positives 1 in a million either.

Re: tarring your critics?

He's not claiming or implying anything of the sort. He is just stating the fact that this is a strategy that is sometimes used so it's something to watch for. It's an honest statement there is no reason he need to hide that fact to save anyone's feelings. He could have added something along the lines of "I'm not saying this particular poster is doing this, yada yada niceties, crap, not facts, etc.. but I think it should be fully understood from the statement."

Re: DRM should never be trusted.

Well when you make a shopping mall that doesn't have locks on it's doors. You won't get many people willing to rent out a space to setup shop. Steam's DRM is the best customer oriented DRM that I have seen. I have almost never been hindered by it and have been able to always play my games on any of my computers. Can't say that about many other companies' software.

VAC !== DRM

It's worth pointing out that VAC isn't really DRM so much as a cheat detector. Steam does have DRM, and it has cheat detection. What this is for is to detect people using hacks and cheats on multi-player servers to keep people on a level field so to speak.

I remember the original Team Fortress mod for Quake 1, and when people would use cheat systems to be able to respawn by the enemy flag, or take extra damage. It made the game not fun at all. I'm glad there are systems like this in place, even though I don't play games so much any more.

Re: DRM should never be trusted.

Thing is, Valve isn't doing this. Valve's customers for steam are the game publishers. They are providing what their customers demand in the best way they can. The nice thing about steam is that although it uses DRM, at least it's centralized. The alternative is each publisher tries to implement their own and we all know how that works.

Re: VAC !== DRM

Re: As a Single Player Hacker

I think you have achievements, those Steam "trading cards", and general Steam statistics to thank. If it weren't for those, then cheating in a single player game using external cheat tools wouldn't matter on the Steam platform.

The only legitimate way around it is for the game developer to put cheats into the game that disable Achievements, etc, when turned on. So you could blame Valve, or the game devs, or both, I suppose.

Re: Re: A whole lot of words to say nothing.

Yes and no. Thanks to the DMCA it's not that easy to reverse engineer software without breaking the law. Pulling dlls out if memory that aren't permanently stored could be argued to be breaking DRM easily.

Re:

Re: Re: DRM should never be trusted.

Bad comparison. DRM is not similar to locks in a store where you come to buy stuff. It's similar to a surveillance camera placed in your home, because it runs on your computer, on your system in your private [virtual] space and etc.

Re: Re: A whole lot of words to say nothing.

Still though, its really unnerving how this ugly little program can go crawling through your files, sending god knows what back to Valve, and until this point, nobody (except the cheaters) even knew what it was doing.

Seriously I don't want a program like VAC poking around in my computer, if I ever buy a game from valve, ill probably have to run it virtualized.

Re: Re: DRM should never be trusted.

I have almost never been hindered by it

I always view "unobtrusive" DRM (one that "hinders" less) as worse than "obtrusive" one. It's comparable to a hidden surveillance camera vs known one. The fact that DRM doesn't announce what it does and stays out of the way makes it even more sinister, because you get used to disregard it, while it's not in any way less of a security and privacy threat than "hindering" DRM which is very apparently stands in your way.

Re: Re: DRM should never be trusted.

Not all gamers. There are enough gamers who hold any kind of DRM in contempt. For example many of GOG users (Humble Bundle also has many of such customers, though lately they diluted their store by becoming Steam proxy for many games). GOG even made it a business model out of it, i.e. insisting on being always DRM-free and attracted a lot of users by doing this.

Re: A whole lot of words to say nothing.

The problem in the end of this will always be "who can we trust?". Anything closed source is a question of trust and even open source is about trust for the uneducated.

Anti-cheats need to be closed source to keep the armsrace up. Therefore all users have to trust them for it to work. Since it is easy to summon a shitstorm in todays society, maybe allowing unlimited cheating is the only way to go. Call me old-fashioned, but I hope it hasn't come to that... Yet!

Nice to see the honesty

...but this sort of thing guarantees that I'll never play another Valve game. It's waaaay too intrusive, and I don't want my machine hacked (which is what Valve is doing) regardless of how honorable the intentions are.

Re:

I love these kind of comments. There's a rumor that Steam might, possibly, potentially, in some situations get some DNS information and people use it as justification for hatred. But somehow these people, who think that they should avoid anything because it could be used in the wrong way, are on a computer. Microsoft could do the same thing. Apple could. The many developers of Linux could as well. Hell, if we're really being paranoid about it, I'd be more worried about the Linux developers since they don't have incoming money on the line.

Re: A whole lot of words to say nothing.

"Soooo he is saying they do check DNS"

But he's also saying they're not actually sending the DNS data to their servers. They're sending a hash of it. Hashes can't be reversed -- if you have the hash, you can't recover the data that was hashed from it.

So, Valve doesn't ever actually receive your DNS entries, and you don't have to trust that they'll do something nefarious with them.

Re: Re:

Re: Re: Re: DRM should never be trusted.

I didn't mean they weren't using DRM, I meant they aren't treating their customers like criminals, because their customers are the publishers, and the publishers are the ones who want the DRM. GOG just recycles old stuff so they don't have to worry about the publishers pushing for DRM.

GOG can't sell many to most brand new games because apart from some indie devs the publishers won't put their games up for sale without DRM because they are all super paranoid. This is the market that steam is serving, steam's customers want DRM. It's the publisher's customers that hate it :)

Re: Nice to see the honesty

Unfortunately this is part of steam, so if you want to avoid it, you have to go way way way broader than avoiding valve games.. You have to avoid games that use steam.. which is a lot of work :) You don't even get to know ahead of time for the most part and even many console games use it behind the scenes.

Re: As a Single Player Hacker

The Steam DRM is different than the anticheat software. The anticheat software is only used when playing online multiplayer games. You can opt out of using the anticheat software, but then you can't get onto various servers to play. Single player gaming is not effected by the anticheat software. And to everyone complaining about Steam DRM, I take it you don't use apple products either, because what apple does is way more intrusive than anything steam does.

Re: Re: Re: Re: DRM should never be trusted.

> I didn't mean they weren't using DRM, I meant they aren't treating their customers like criminals, because their customers are the publishers

They treat users who buy games from them as criminals. Publishers (which are their clients on the other side of the merchandise chain) come to them with demands of deploying DRM and Valve oblige them. GOG shows such publishers to the door, because obliging unethical demands is wrong even if it comes from the client. (Or even especially when it comes from the client which pays for it).

> GOG can't sell many to most brand new games because apart from some indie devs the publishers won't put their games up for sale without DRM because they are all super paranoid.

Yes, that was my point. And they are faring just fine - they are very profitable. I.e. there is no need to bend to unethical demands of lunatic publishers who insist on DRM, argumenting that with fear of not being profitable.

And about new games, the number of sane studios and publishers which don't use DRM grows and things slowly improve. But it's still a while until lunatic DRM Lysenkoists will become a minority.

Re: Re: Re: A whole lot of words to say nothing.

> Still though, its really unnerving how> this ugly little program can go crawling> through your files, sending god knows what> back to Valve

How is it that these commercial companies can routinely implement and distribute software that essentially 'hacks' the computers of every customer that uses it, but the moment any Average Joe even downloads 'too much' stuff from a web site that gives it away for free, he's suddenly facing 30 years in a federal ass-raping prison for violating the CFAA?

Re: Re: Re: Re: Re: DRM should never be trusted.

Sure. The issue is that before / without steam, the publishers published themselves and you never knew what did or didn't have DRM in it, or what the DRM was doing to your system. Steam could be GOG instead, but then it wouldn't be steam, it would just be a useless competitor to GOG instead of a popular product. It would not be servicing the mainstream gamers at all, who most definitely would not suddenly stop buying these games and start buying only indie games, they would just have a hodgepodge of mostly unknown and unchecked DRM installed on their systems without their knowledge at all and doing all kinds of crazy stuff.

Re: Re: Re: Re: Re: DRM should never be trusted.

Certainly, when you are talking about Valve's own games, thats a whole other story.. Another (imo bigger) issue is that you can't publish to steam without DRM. So they are actually *pushing* publishers to use it when they normally wouldn't. That is inexcusable!

Re: Re: Re: Re: Re: Re: DRM should never be trusted.

I'm not sure what "mainstream" gamer means, since gamers have a great variety of preferences. GOG is already big enough to be considered Steam's competitor. It's not as big as Steam of course, far from it yet. But it's second biggest and quickly growing. The only serious thing they are missing now is support for Linux games.

> Steam could be GOG instead, but then it wouldn't be steam, it would just be a useless competitor to GOG instead of a popular product.

That was my point exactly, when I disagreed when you said that Valve isn't doing it (as if under pressure). They are doing it decisively. I.e. they decided to participate in proliferation of unethical practice (DRM) for the sake of increasing profits (i.e. dealing with more publishers). So they are doing it. It's their choice and it can't be excused with someone's pressure.

Re: As a Single Player Hacker

Re: Re: Re: A whole lot of words to say nothing.

VAC only looks at the active processes running in the background...and compares your actions on the screen while in an online game with what's supposed to do according to the server you're on...VAC cannot be triggered when servers enable the CVAR "sv_cheats 1" console command...but it will ban you for hacking the server to enable it....it only goes by in game statistical gameplay data...which means it's NOT searching through your files...

Re: Re: Re: Re: A whole lot of words to say nothing.

I don' think anybody said it was searching through your files. However, Valce is doing both more and less than you say.

According to them, they are looking in your DNS cache to see what domain names you've resolved lately. But that's overstating it -- they're taking hashes of those domain names and sending the hashes off to their server, where they're compared with a list of forbidden hashes.

It's actually a decent compromise, privacy-wise: it doesn't reveal to them what the domain names you resolved actually are, but lets them raise a flag if any of them match a "forbidden" list.

Nonetheless, this is pure spyware stuff. What they're doing is highly objectionable even if the data being transmitted poses minimal risk. I won't knowingly allow this sort of nonsense on my own machines.

Re: Re: Re: Re: Re: Re:

Re: Re: Nice to see the honesty

Yes, I meant Steam. Avoiding it is no work at all, actually -- I just uninstall those games and firewall off all network access to their servers (in case I miss one). Done.

But I don't want to overstate this -- Although I think they're walking a thin line here, I'm not actually convinced that their actions could be termed anything like "evil." They've done this is a fairly decent way, and I won't condemn them for it.

Re: Re: Nice to see the honesty

I assume no such thing. Outside of Steam, I do not play games that require internet access, and I firewall them off just in case they're being sneaky.

I don't trust any of them enough to be comfortable with them. Steam is an exception purely for reasons of tradition: I was using Steam from the very first day, back when I was a touch more innocent and less suspicious. I recognize the irrationality of this exception, and so it didn't take much to sour me on Steam.

Re: Re: tarring your critics?

He certainly is implying that. Think of the following quotes which we've seen various flavours of on Techdirt:

Politician: We need to snoop on all your web browsing to catch paedophiles. Obviously paedophiles won't like this, so you will see some stories trying to cast this program in a sinister light.

NSA: We need to snoop on all your web browsing to catch terrorists. Obviously terrorists won't like this, so you will see some stories trying to cast this program in a sinister light.

Gabe: We need to snoop on all your web browsing to catch cheaters. Obviously cheaters won't like this, so you will see some stories trying to cast this program in a sinister light.

In each case they are pointing out that their objective is to catch bad people, which of course has to be a good thing. After all, bad people! So of course bad people won't like this and will write nasty things about the program. Think about that every time you see someone argue against this program, and think of the children(tm)!

And of course with the NSA this is happening at this moment - with David Miranda and Jesselyn Radack being treated as terrorists for opposing the NSA's anti-terrorist program, and politicians sparing no opportunity to attack Snowden, Greenwald et al.

Now I would reiterate that I think Gabe did the right thing in issuing a prompt response, and in a human manner rather than something tied up in lawyerese and PR-speak. I also trust Steam far more than I trust politicans/NSA and actually believe what he says.

I just think he could have ditched the line where he tried to associate anyone who disagreed with their browsing being spied on with cheaters.

I would point out that I do use Steam and am happy with the service they provide. I'm not going to stop as a result of this disclosure.

Re:

Re: Re: Re: Re: Re: A whole lot of words to say nothing.

The key distinction is not all of it. Just those within a certain timeframe. And honestly, if Valve didn't have such goodwill in the community for the most part, this would have been a much bigger thing.

The fact that Gabe said that it does do some of the things that are mentioned is frightening. But he also (wisely, I might add) pointed out that, whilst that aspect of the code is frightening, that all people who wanted to weaken the VAC system had other motives, and the simplest way to do that was to misrepresent it. Which makes sense. And Gabe has earned a lot of trust.

Re: Re: Re: Re: Re:

Not to mention that developing working Anti-Cheat software is actually possible.

Imagine your boss asked you to make sure that nobody can read the books they sell while making sure that everyone can read the books they sell. Unless you happen to already have a very Pointy Haired Boss (my condolences), you would think that they went utterly insane. This is essentially what DRM sets out to try to do. There is a reason they want anti-circumvention features. To try to enforce via law what is logically impossible.

Re: As a Single Player Hacker

Re: Re: As a Single Player Hacker

You're absolutely right, I don't use Apple products either... nor Microsoft. Defenestrated completely 12 years ago and have never seen a reason to go back, nor to accept Apple's very pretty handcuffs as a replacement.

On the other hand, we bought all three gaming consoles last generation. I've been playing home video game consoles for literally over 40 years at this point, so not having a lot of access to the system software is something I've come to expect. But this time around, we'll have Steamboxes available as an option, and one of them might end up being our main console. In the world of gaming consoles, the Steambox is a huge step forward for openness -- arguably a bigger one than Ouya because Valve actually matters -- and I have an instant game collection of dozens of Humble Bundle purchases as soon as I request the keys, many of which I haven't played because I think they'd be better suited to a television and all 165 of which (and counting; they have a great bundle going as I type this) should be SteamOS compatible whether they're on Steam or not.

I won't be installing Steam on anything I use for normal computing tasks, though. Yay for Valve shaking up both the console and PC gaming markets, whether they succeed or not. Boo for Valve wanting to treat my laptop as though it's theirs and I'm just renting it. Windows and OSX/iOS users may be used to that stuff, but I like to own the computers I pay for.

Re: Re: As a Single Player Hacker

Re: Re:

Actually no, it's more like having a setuid root script that steam can modify at will on my system, so can therefore be used to run ANYTHING. If steam update got hacked (say by the NSA), millions of computers could get infected by spyware/trojans etc.

Re: Re: Re: Re: Re: Re: DRM should never be trusted.

Another (imo bigger) issue is that you can't publish to steam without DRM.

That's not true. You can publish to Steam without DRM, and plenty of publishers have. These games can be launched from their executables without Steam needing to run. They don't use Steamworks or any third-party DRM.

Re: Nice to see the honesty

VAC is enabled only on specific servers, and you can choose not to enable it on your machine and to only play on VAC-free servers. It doesn't exist on singleplayer games and many multiplayer games. It is separate from Steam.

If VAC is Evil, Gamers do what? Demand less security??

" social engineering might be a cheaper way to attack the system than continuing the code arms race"

While this explanation sounds legitimate on the surface, I would like to know exactly how "social engineering" - ie making folks distrust VAC and Valve via scare stories about snooping on clients habits, is in any way effective in making cheating easier, or in making cheat coding easier or more effective for the cheaters.

Its not as if the non-cheating gamers are going to go elsewhere to play where security is less stringent, or demand that VAC be made less effective against cheaters.

The users of these anti-cheat policing system game-shops have no say whatsoever in how the security wares operate - I would guess that most of the users are unaware of the anti-cheat system software altogether, or at least are generally unconcerned about it.

How would attacking people's trust in the system make it easier to cheat the system, or easier to write better cheat codes to game the system??

I just don't see the connection that Newell is trying to make here, nor does he spell it out at all in his post. He simply makes the claim and leaves it at that.